CVE-2026-43918 - Suspended or inactive FOSSBilling accounts can retain or regain access through existing sessions, API tokens, and password reset flows
CVE ID :CVE-2026-43918 Published : July 6, 2026, 10:16 p.m. | 57 minutes ago Description :FOSSBilling is a free, open-source billing and client management system. Prior to version 0.8.0, when a client or staff/admin account is suspended or marked inactive, existing authenticated sessions are...